package com.accloud.service;

public class ACACL {
    private static String readTag = "read";
    private static String writeTag = "write";
    private boolean isPublicReadAllow = true;
    private boolean isPublicWriteAllow = false;
    private ACObject userAccessObj = new ACObject();
    private ACObject userDenyObj = new ACObject();

    public enum OpType {
        READ,
        WRITE
    }

    public void setPublicReadAccess(boolean allow) {
        this.isPublicReadAllow = allow;
    }

    public void setPublicWriteAccess(boolean allow) {
        this.isPublicWriteAllow = allow;
    }

    public void setUserAccess(OpType opType, long userId) {
        setUserAccessMap(this.userAccessObj, opType, true, getUserKey(userId));
    }

    public void unsetUserAccess(OpType opType, long userId) {
        setUserAccessMap(this.userAccessObj, opType, false, getUserKey(userId));
    }

    public void setUserDeny(OpType opType, long userId) {
        setUserAccessMap(this.userDenyObj, opType, true, getUserKey(userId));
    }

    public void unsetUserDeny(OpType opType, long userId) {
        setUserAccessMap(this.userDenyObj, opType, false, getUserKey(userId));
    }

    public boolean isReadAllowed(Long user) {
        return isAllowed(user, readTag);
    }

    public boolean isWriteAllowed(Long user) {
        return isAllowed(user, writeTag);
    }

    private boolean isAllowed(Long user, String tag) {
        ACObject authObj = getAuthObjectByKey(this.userDenyObj, getUserKey(user.longValue()), false);
        if (authObj != null && authObj.get(tag) != null && ((Boolean) authObj.get(tag)).booleanValue()) {
            return false;
        }
        if (tag.equals(readTag) && this.isPublicReadAllow) {
            return true;
        }
        if (tag.equals(writeTag) && this.isPublicWriteAllow) {
            return true;
        }
        ACObject authObj2 = getAuthObjectByKey(this.userAccessObj, getUserKey(user.longValue()), false);
        return (authObj2 == null || authObj2.get(tag) == null || !((Boolean) authObj2.get(tag)).booleanValue()) ? false : true;
    }

    private void setUserAccessMap(ACObject accessObj, OpType opType, boolean allow, String key) {
        String tag = null;
        if (opType == OpType.READ) {
            tag = "read";
        } else if (opType == OpType.WRITE) {
            tag = "write";
        }
        ACObject authObj = getAuthObjectByKey(accessObj, key, true);
        if (allow) {
            authObj.put(tag, true);
        } else if (authObj != null) {
            authObj.delete(tag);
        }
    }

    private String getUserKey(long user) {
        return "USER:" + String.valueOf(user);
    }

    private ACObject getAuthObjectByKey(ACObject accessObj, String key, boolean create) {
        ACObject authObj = (ACObject) accessObj.get(key);
        if (authObj != null || !create) {
            return authObj;
        }
        ACObject authObj2 = new ACObject();
        accessObj.put(key, authObj2);
        return authObj2;
    }

    public ACObject toObject() {
        ACObject aclObj = new ACObject();
        aclObj.put("isPublicReadAllow", Boolean.valueOf(this.isPublicReadAllow));
        aclObj.put("isPublicWriteAllow", Boolean.valueOf(this.isPublicWriteAllow));
        aclObj.put("userAccessMap", this.userAccessObj);
        aclObj.put("userDenyMap", this.userDenyObj);
        return aclObj;
    }
}
